Did Russia spy on G-20 by handing out free thumb drives?

posted at 2:41 pm on October 31, 2013 by Ed Morrissey

It can’t be this easy, can it? The espionage spotlight shifted abruptly from US surveillance on allies to Russian snooping on fellow G-20 members in St. Petersburg last month. According to Italian newspaper Corriere della Sera, Russians handed out swag bags to the ministers at the conference that included teddy bears, diaries, thumb drives, and smartphone cables. The latter two, however, were later found to have some intriguing modifications:

According to the paper, Herman Van Rompuy, president of the European Council, had a debriefing with security officials after returning from St. Petersburg. The report was swiftly picked up by news agencies and newspapers in other countries.

The security team then conducted an examination of the thumb drives, which the Russians distributed as gifts to the 300 foreign delegates, who also received stuffed teddy bears, cups, diaries and cables to connect smartphones with computers, the Italian paper reported. Later, the European Council’s security office sent a report to Group of 20 participants, warning that some of the USB drives, as well as the cables, appeared to have been tampered with, Corriere della Sera said.

The European officials then handed the devices to German intelligence services, which conducted more tests and concluded that the sabotaged electronic equipment could be used to intercept data from computers and mobile phones. Corriere della Sera also reported that Italian secret service agents were still examining some of the devices distributed to Italy’s delegation.

In Brussels, a media official in Mr. Rompuy’s office declined to comment on Wednesday. “There are always measures in place to protect the infrastructure of the council and, as a rule, there is a cooperation with member states,” said the official, Nicolas Kerleroux. “But we won’t comment on any specific matter.”

No one at the conference was dumb enough to actually use them, were they? Or did they just figure that the country that has been run by a former KGB official for more than a decade could be trusted not to snoop on them now that they’re all friends? After all, Putin gave Edward Snowden asylum for exposing those rotten Americans for collecting foreign signals intelligence with an agency that shares the collection with, er, most of the people in the room. Or something.

On the other hand, we have to appreciate the old-school spycraft that went into this effort. The US can tap into the Internet any time they like and has the resources for the brute-force method of data mining. Hiding devices in swag bags … that has the authentic ring of the Bond era, no?

Breaking on Hot Air

Blowback

Note from Hot Air management: This section is for comments from Hot Air's community of registered readers. Please don't assume that Hot Air management agrees with or otherwise endorses any particular comment just because we let it stand. A reminder: Anyone who fails to comply with our terms of use may lose their posting privilege.

Why has the NSA NOT shut down the website as a matter of national security?
I’m no expert in this but it seems to me that if nothing else is working, why do we turn a political blind eye to the security problems and assume that there are none.

Here are a few things that I have seen.
1. If you put any encrypted password into the “USER NAME” slot on sign in, it will display the password in the open. That can’t be good.

2. If you do get to sign in then the web site opens a port to ALL Government computers at the same time. A web site debugging program like the one that comes with “FireFox” will openly display all connections, access and port informations for all these other government computers. This can not be any good.

Why is the Government only concerned with their images here and not once addressed the issues of security.

My suggestion to everyone would be to stay far away from this site for some time to come.

When I worked for a certain DON organization anyone traveling to China, Russia and a few other countries were forbidden from taking any electronic devices that had storage capabilities with them because we knew they would most likely be hacked in some way.

How were they modified? How do you turn a phone data cable into some thing that will give you data? How do you modify a thumb drive to give you data if not in your possession. The only thing I can thing of is a app that installs onto a computer and then sends the data via the internet.

How were they modified? How do you turn a phone data cable into some thing that will give you data? How do you modify a thumb drive to give you data if not in your possession. The only thing I can thing of is a app that installs onto a computer and then sends the data via the internet.

Dr. Frank Enstine on October 31, 2013 at 3:34 PM

Just before I left the AF in 2009 we were forbidden to use USB drives on govt computers. The Chinese were infecting GI’s USB drives with viruses on their home computers, then transferring it to work computers. Great way to get a trojan through the network gates. Made it a pain in the a** because our flight manuals were on USB drives. Had to go back to the paper version.

How were they modified? How do you turn a phone data cable into some thing that will give you data? How do you modify a thumb drive to give you data if not in your possession. The only thing I can thing of is a app that installs onto a computer and then sends the data via the internet.

Dr. Frank Enstine on October 31, 2013 at 3:34 PM

There is space for auto-run code on a thumb-drive – it executes when the drive is inserted into into a computer, without the owner being notified or asked. So it’s a great vector for inserting a virus or worm. In fact, leaving a few infected thumb drives scattered around the parking lot of an office building is a classic technique for getting inside the firewall… someone is sure to pick one of them up, carry it to their desk, and plug it in “to see what’s on it”.